CVE-2004-1973

Severity

50%

Complexity

99%

Confidentiality

48%

DiGi Web Server allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request that contains a large number of / (slash) characters, which consumes resources when DiGi converts the slashes to \ (backslash) characters.

DiGi Web Server allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request that contains a large number of / (slash) characters, which consumes resources when DiGi converts the slashes to \ (backslash) characters.

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P).

Overview

First reported 20 years ago

2004-04-27 04:00:00

Last updated 7 years ago

2017-07-11 01:31:00

Affected Software

DiGi DiGi WWW Server Compieuw

compieuw

DiGi DiGi WWW Server Compieuw.1

compieuw

DiGi DiGi WWW Server Compieuw beta 2

compieuw

References

20040427 resources consumption in DiGi WWW Server

11490

Patch, Vendor Advisory

1009957

http://sourceforge.net/project/shownotes.php?release_id=234261

Patch

http://www.autistici.org/fdonato/advisory/DiGiWwwServerC1-adv.txt

5702

Exploit, Patch, Vendor Advisory

10228

Exploit, Patch, Vendor Advisory

digi-www-slash-dos(15987)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.